Privacy Policy
At Zentiya, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our retail management platform and services.
This policy applies to information we collect when you use Zentiya's platform, website, mobile applications, and related services (collectively, the "Services"). By using our Services, you agree to the collection and use of information in accordance with this policy.
Table of Contents
1. Overview
Zentiya by LTK Soft Pvt Ltd ("Zentiya," "we," "us," or "our") operates a retail management platform that provides point-of-sale (POS), inventory management, and related services to retail businesses worldwide.
This Privacy Policy describes:
- What personal information we collect and why
- How we use and protect your information
- When and with whom we share information
- Your rights and choices regarding your information
- How we comply with privacy laws including GDPR, CCPA, and others
Important Note:
Zentiya acts as both a data controller (for our own business operations) and a data processor (when processing customer data on behalf of retailers using our platform).
2. Information We Collect
We collect several types of information from and about users of our Services:
2.1 Account Information
When you create a Zentiya account, we collect:
- Full name and business name
- Email address and phone number
- Business address and location
- Password (encrypted)
- Payment information (processed by third-party providers)
- Tax identification numbers (when required)
2.2 Business & Transaction Data
As you use Zentiya for your retail operations, we collect:
- Product inventory information
- Sales transactions and payment records
- Customer purchase history (on behalf of your business)
- Employee user accounts and activity logs
- Store locations and operating hours
- Supplier and vendor information
2.3 Usage & Technical Data
We automatically collect certain information when you use our Services:
- IP address and device information
- Browser type and operating system
- Pages visited and features used
- Time and date of access
- Referring website addresses
- Crash reports and performance data
- Cookies and similar tracking technologies
2.4 Your Customer Data (You Control)
When you use Zentiya to manage your retail business, you may input information about your customers. This data belongs to you, and we process it on your behalf as a data processor:
- Customer names and contact information
- Purchase history and preferences
- Loyalty program data
- Payment information (tokenized)
Important: You are responsible for obtaining appropriate consents from your customers for collecting and processing their data. Zentiya provides tools to help you comply with privacy laws.
2.5 Communications
We collect information when you contact us for support, provide feedback, or participate in surveys. This includes email content, support tickets, and any information you choose to provide.
3. How We Use Your Data
We use the information we collect for the following purposes:
Provide Services
- Operate and maintain the Zentiya platform
- Process transactions and manage inventory
- Enable multi-location synchronization
- Provide customer support
- Send service updates and notifications
Improve Services
- Analyze usage patterns and trends
- Develop new features and functionality
- Conduct research and testing
- Fix bugs and improve performance
- Personalize user experience
Security & Fraud Prevention
- Detect and prevent fraud
- Monitor for security threats
- Enforce our Terms of Service
- Protect user accounts
- Conduct security audits
Communications
- Respond to inquiries and requests
- Send important account information
- Provide product updates
- Send marketing communications (with consent)
- Conduct surveys and research
Legal Compliance
- Comply with legal obligations
- Respond to lawful requests
- Enforce our legal rights
- Resolve disputes
- Maintain records as required by law
Business Operations
- Process payments and billing
- Manage subscriptions
- Generate invoices and receipts
- Conduct financial reporting
- Manage business relationships
Legal Basis for Processing (GDPR)
For users in the European Economic Area (EEA), UK, and Switzerland, we process your personal data based on the following legal grounds:
- Contract:Processing necessary to provide our Services to you
- Legitimate Interest:Improving services, security, and business operations
- Consent:Marketing communications and optional features
- Legal Obligation:Compliance with laws and regulations
4. Data Sharing & Disclosure
We do not sell your personal information. We share your information only in the following circumstances:
4.1 Service Providers & Subprocessors
We share data with trusted third-party service providers who help us operate our Services:
| Provider | Purpose | Location |
|---|---|---|
| Amazon Web Services | Cloud hosting & infrastructure | Multiple regions |
| Stripe | Payment processing | USA |
| SendGrid | Email delivery | USA |
| Twilio | SMS notifications | USA |
| Intercom | Customer support | USA |
4.2 Business Transfers
If Zentiya is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you via email and/or prominent notice on our website before your information is transferred and becomes subject to a different privacy policy.
4.3 Legal Requirements
We may disclose your information if required to do so by law or in response to:
- Valid legal process (subpoena, court order, search warrant)
- Governmental or regulatory requests
- To protect the rights, property, or safety of Zentiya, our users, or others
- To enforce our Terms of Service or other agreements
- To detect, prevent, or address fraud, security, or technical issues
4.4 With Your Consent
We may share your information with third parties when you explicitly consent to such sharing. For example, if you choose to integrate Zentiya with third-party applications or services.
4.5 Aggregated & De-identified Data
We may share aggregated or de-identified information that cannot reasonably be used to identify you. For example, we may share industry trends, usage statistics, or benchmarking data with partners or the public.
5. Data Retention
We retain your information for as long as necessary to provide our Services and fulfill the purposes outlined in this Privacy Policy.
Retention Periods
Retained while your account is active, plus 30 days after account deletion (for recovery purposes)
Retained for 7 years for accounting, tax, and legal compliance purposes
Retained for 90 days for security and operational purposes
Retained for 3 years for quality assurance and dispute resolution
Retained until you unsubscribe or withdraw consent
When you delete your account, we will delete or anonymize your personal information within 30 days, except where we must retain it for legal, regulatory, or legitimate business purposes. You can request immediate deletion by contacting us at privacy@zentiya.com.
6. Your Privacy Rights
Depending on your location, you may have certain rights regarding your personal information:
GDPR Rights (EEA, UK, Switzerland)
If you are located in the European Economic Area, UK, or Switzerland
Right to Access
Request a copy of your personal data
Right to Rectification
Correct inaccurate or incomplete data
Right to Erasure
Request deletion of your data ('right to be forgotten')
Right to Restrict Processing
Limit how we use your data
Right to Data Portability
Receive your data in a structured, machine-readable format
Right to Object
Object to processing based on legitimate interests
Right to Withdraw Consent
Withdraw consent at any time (where applicable)
Right to Lodge a Complaint
File a complaint with your data protection authority
CCPA Rights (California Residents)
If you are a California resident
How to Exercise Your Rights
To exercise any of your privacy rights, you can:
Email Us
privacy@zentiya.comOnline Form
Submit RequestWe will respond to your request within 30 days (or as required by applicable law). We may need to verify your identity before processing your request.
7. Data Security
We implement comprehensive security measures to protect your information from unauthorized access, alteration, disclosure, or destruction.
Encryption
All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
Access Controls
Multi-factor authentication, role-based access, and least privilege principles
Monitoring
24/7 security monitoring, intrusion detection, and incident response
Audits
Regular security audits, penetration testing, and compliance reviews
Security Certifications
Data Breach Notification
In the event of a data breach that affects your personal information, we will notify you and relevant authorities within 72 hours as required by GDPR and other applicable laws. We will provide details about the breach, its impact, and steps we're taking to address it.
9. International Data Transfers
Zentiya operates globally with data centers in multiple regions. Your information may be transferred to, stored, and processed in countries other than your country of residence.
Data Residency Options
We offer data residency in the following regions:
You can choose your data residency region during account setup. Data stays in your chosen region unless you explicitly configure multi-region replication.
Safeguards for International Transfers
When we transfer data internationally, we implement appropriate safeguards:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Data Processing Agreements (DPAs) with all subprocessors
- Adequacy decisions where available (e.g., EU-US Data Privacy Framework)
- Technical and organizational measures to protect data
- Regular compliance assessments
10. Children's Privacy
Zentiya is a business-to-business (B2B) platform designed for retail businesses. Our Services are not directed to children under the age of 16, and we do not knowingly collect personal information from children.
If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@zentiya.com. We will take steps to delete such information from our systems.
Note for Retailers: If you collect information about children through your retail business using Zentiya, you are responsible for complying with applicable children's privacy laws (COPPA, GDPR Article 8, etc.) and obtaining appropriate parental consent.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.
How We Notify You
- Post the updated policy on this page with a new 'Last Updated' date
- Email registered users about material changes
- Display a prominent notice on our platform for 30 days
- Request your consent for material changes (where required by law)
Your continued use of our Services after changes become effective constitutes your acceptance of the updated Privacy Policy. If you disagree with the changes, you may close your account.
Version History
12. Contact Information
If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:
Privacy Team
privacy@zentiya.com
Within 48 hours
Data Protection Officer
dpo@zentiya.com
GDPR-related inquiries
Mailing Address
Attn: Privacy Team
#79/3, Outer Ring Road, Bellandur
Bangalore, Karnataka 560103
India
🇪🇺 EU Representative (GDPR Article 27)
For users in the European Union, you can contact our EU representative:
Email: eu-privacy@zentiya.com
Address: 10 Finsbury Square, London EC2A 1AF, United Kingdom
Supervisory Authorities
If you believe we have not adequately addressed your privacy concerns, you have the right to lodge a complaint with your local data protection authority:
Your Privacy Matters to Us
We're committed to protecting your privacy and being transparent about how we handle your data. If you have any questions or concerns, our privacy team is here to help.